Originally published in the November 1994 issue of Advanced Systems.

Unix Enterprise

Order without autocracy

By Randy Johnson & Harris Kern

Critics (usually mainframers) typically characterize Unix systems as "free-for-all" computing, lacking discipline for where data go and who has access. To add insult to injury, critics (again, typically mainframers) also charge that those chaotic Unix environments need an ungodly amount of attention by lots of expensive, highly skilled system administrators.

We concede the fact that system administration is perhaps the most important support function for Unix distributed-computing environments -- it's a very complex computing system running highly complex tasks. However, with the proper centralized controls and practices, you can deliver system administration services throughout your enterprise effectively, efficiently, and at a reasonable cost. We know you can: We did it at Sun.

Here's an overview of how we arranged our systems at Sun to best deliver systems support for our Unix environments. In future columns, we'll detail the tools and procedures that best deliver those services.

Dataless desktops
Let's start by clearly differentiating the two types of computing systems common to most businesses: user desktops and production systems. User desktops are the hardware and diversity of personal-productivity software tools, such as spreadsheets, electronic mail, and word processors, that the various technical, clerical, management, and sales people use to create, build, maintain, and sell a business' products and services. Business production systems, on the other hand, include client/server and peer-to-peer environments in which database and application servers distribute mission-critical business information and applications to the enterprise. Sun's Information Resources (SunIR), the group responsible for enterprisewide system administration, supports user desktops and business production systems with somewhat different approaches. The typical user desktop at Sun consists of a SPARCstation networked to two key servers: a fileserver and a desktop-software server. (On average, there are about 80 clients per local-area network.) Except for the operating system (Solaris, mostly), SunIR won't install or support any program or data on the desktop disk. Rather, we configure the desktop systems so that the file and software servers automatically are available and used by the desktop client over the LAN. The local disk, if present at all, is reserved for noncritical performance-related functions like paging, swap, and security (root). Hence, Sun's desktop is what is commonly called a "diskfull and dataless" client -- all the users' applications are located on the software server and their data go to the fileserver.

A single group in SunIR manages all desktop software purchases and licensing for the enterprise and provides standard versioning and releases of the supported list. For instance, there are at least two different spreadsheet and two desktop-publishing products available. If a user wishes or needs to install an unsupported product, they must install it on their own LAN's fileserver, and they retain responsibility for its support.

When a new desktop-software product or new release is obtained by SunIR's software group, they follow internal quality assurance and testing standards to make sure it is ready for production. The software then goes through a distribution process that automatically updates the software servers attached to every LAN worldwide at Sun (see Unix Enterprise, September 1994).

From the system administration standpoint, centralized control of the desktop through centralized fileservers and data servers greatly eases maintenance and operations tasks. We (SunIR), not our customers (Sun's desktop users), take responsibility for ensuring the quality of desktop software and its proper distribution across Sun's desktops, as well as maintaining and backing up their applications and data. And we place our system administrators close to the users; one or more for each campus site, and a regional administrator for our worldwide sales offices. This way users can focus on their work and not continually fiddle with their hardware and software.

Production systems
We've also centralized and automated the processes that support mission-critical business systems that run in Sun's distributed client/server environments. We've simply extended the traditional mainframe data-center infrastructure (database administration, production control, technical support, and computer operators) to support Unix production systems. We call this process the Unix Production Acceptance (UPA).

The SunIR data center works with Sun's business units to implement new systems. What differentiates our approach compared with Sun's desktop is that we do not dictate anything to the business units other than that we all follow the UPA process. The business units tell us where to locate their production server, what database they'll use, and so on -- whatever they decide it takes to run the business. Our job is to install and maintain those systems. So, believe it: System administrators play a very critical role.

In order to support those mission-critical applications throughout the world, we extended centralized "glass-house" controls over Sun's wide-area network: Like the data-center's database administrators who support all databases, centrally based system administrators support all production servers. System administration services are provided by Sun's data-center staff, many of whom are ex-MVS and VM systems programmers. And, as with the desktop systems, many of our data-center system administration tasks are automated. For instance, some mission-critical applications are backed up over the network. Therefore, to borrow a phrase: The network is the data center.

However, we also rely on locally placed system administrators for support. That's because some mission-critical applications need to be backed up to tape, and they need to be stored closely offsite for disaster recovery. The local system administrator is responsible for those critical tapes stored. And, since they are close by, they are readily on hand to assist the data center in its support of the business units with any hardware-related issues.

Saved by centralization
Okay, okay -- we're preaching once again for centralized controls over Unix distributed-computing environments. Yet, you can easily see that system administration, like many other data-center functions, is more easily and more efficiently done in a centralized and automated environment, particularly because we can easily automate many of the tasks. Software distribution is just one example. Another example, automated backups -- the most fundamental system administration task -- is much easier to perform and track on centralized systems than if it were on a plethora of desktop systems.

The upshot is that we need fewer numbers of system administrators who will work more productively in our centralized environments than for traditional, decentralized Unix systems. Currently, Sun has roughly a 125:1 employee to system administrator ratio, and there is a plan in place to increase that ratio to 300:1 over the next three years by making improvements to existing systems and implementing more automated processes.

There happens to be another money-saving angle to having centralized controls. Because they control a large installed base, single groups within the organization are responsible for the hardware and software systems to negotiate the best prices and options and deal directly with the vendors on any critical problems.

One qualification: Sun's systems are very homogeneous. Most of our employees have SPARCstations on their desktops, for example; the number of PC or Mac clients is minuscule compared with our 23,000-plus workstations distributed worldwide. That makes all our software selections, testing, distribution, and services much easier, and the required amount of system administration oversight much less. In various seminars around the world, we have found that the employee to system administrator ratio in heterogeneous environments to be about 50:1. The more homogeneous and standard the environment, the higher the productivity. []

[Harris & Randy photo] Harris Kern (harris.kern@sunworld.com) is Sun's Open Systems Migration Consultant for NAAFO Market Development. Randy Johnson (randy.johnson@sunworld.com) owns R&H Associates, a full-time rightsizing consultancy in Boulder Creek, CA. R&H Associates helps people worldwide in implementing and supporting client/server infrastructures based on their proven methodologies. © 1994 Harris Kern and Randy Johnson. All rights reserved.

Pick up a copy of their book Rightsizing The New Enterprise: The Proof Not the Hype, SunSoft Press/PTR Prentice Hall, ISBN 0-13-132184-6, or their new book Managing The New Enterprise: The Proof Not the Hype by Kern, Johnson, Hawkins, Law, and Kennedy, SunSoft Press/PTR Prentice Hall, ISBN 0-13-231184-4. Browse SunSoft Press offerings at: http://www.sun.com/smi/ssoftpress It's a hit!
In just over a month of sales, Advanced Systems columnists Harris Kern & Randy Johnson's new book, Rightsizing the New Enterprise: The Proof, Not the Hype (ISBN 0-13-132184-6), has become a best-seller, according to SunSoft Press Publisher Karin Ellison. She also tells us that Logan Campbell, president of PTR/Prentice Hall -- the book's commercial publisher -- has put it on top of their Fall "A" sales list. It's proof enough for us that rightsizing to Unix distributed systems is no hype. Way to go, guys!

[Amazon.com Books] You can buy Managing The New Enterprise and Rightsizing The New Enterprise at Amazon.com Books. Resources

[Copyright 1995 Web Publishing Inc.]

If you have problems with this magazine, contact webmaster@sunworld.com
URL: http://www.sunworld.com/asm-11-1994/asm-11-unix.html
Last updated: 1 November 1994